Threat Analysis in Systems-of-Systems

Cyber-physical Systems of Systems (SoSs) are large-scale systems made of independent and autonomous cyber-physical Constituent Systems (CSs) that may interoperate, also with the intervention of humans, to achieve high-level goals. Providing security in such SoSs means, among other things, forecasting and anticipating evolving SoS functionalities, and ultimately identifying possible detrimental phenomena that may result from the interactions of CSs and humans. Such phenomena, usually called emergent phenomena, are often complex and difficult to capture: the first appearance of an emergent phenomenon in a cyber-physical SoS is often a surprise to the observers. Adequate support for understanding emergent phenomena will help reduce both the likelihood of design or operational flaws and the time needed to analyze the relations among the CSs, which always has key economic significance. This article presents a threat analysis methodology and a supporting tool aimed at (i) identifying (emerging) threats in evolving SoSs, (ii) reducing the cognitive load required to understand an SoS and the relations among CSs, and (iii) facilitating SoS risk management by proposing mitigation strategies for SoS administrators. The proposed methodology and the tool are empirically validated on Smart Grid case studies by submitting questionnaires to a user base composed of 3 stakeholders and 18 BSc and MSc students.
